search

googlearchive / k8s-service-catalog

[DEPRECATED] Commandline tool to manage Service Catalog lifecycle and GCP Service Broker atop Kubernetes Cluster
Apache License 2.0
69 stars 31 forks source link

svcat bind fails with parameters is a required property #202

Closed ghost closed 6 years ago

ghost commented 6 years ago

Hello,

I'm following https://cloud.google.com/kubernetes-engine/docs/how-to/add-on/service-catalog/use-service-catalog and facing issue at last step - bind to an instance. When I execute "svcat bind [INSTANCE-NAME] (--namespace [NAMESPACE] --param [KEY1]=[VALUE1] --param [KEY2]=[VALUE2] ...)" , the binding fails with "Invalid properties for 'gcp-services/composite:cloud-sql-mysql-binding-f3622e2':\n'parameters' is a required property".

Could you please help me to identify what are the mandatory parameters for binding MySQL 5.7 instance and maybe consider how the catalog and docu can be improved to provide more details about the error.

Thank you!

Can be reproduced by:

$ svcat version
client: v0.1.22
server: v1.10.4-gke.2

$ kubectl create namespace demo
$ svcat provision demo-mysql5 \
    --namespace demo \
    --class cloud-sql-mysql \
    --plan beta \
    --params-json '{"databaseVersion": "MYSQL_5_7","instanceId": "'demo-mysql-123'","region": "europe-west3","settings": {"tier": "db-n1-standard-1", "dataDiskType": "PD_HDD"}}'

$ svcat bind demo-mysql5 --namespace=demo --name demo-mysql-binding --secret-name demo-mysql-secret
  Name:        demo-mysql-binding
  Namespace:   demo
  Status:
  Secret:      demo-mysql-secret
  Instance:    demo-mysql5

Parameters:
  No parameters defined

$ svcat get bindings -n demo
         NAME          NAMESPACE    INSTANCE     STATUS
+--------------------+-----------+-------------+---------+
  demo-mysql-binding   demo        demo-mysql5   Binding

$ svcat get bindings -n demo
         NAME          NAMESPACE    INSTANCE     STATUS
+--------------------+-----------+-------------+--------+
  demo-mysql-binding   demo        demo-mysql5   Failed

$ svcat get bindings -n demo demo-mysql-binding -o yaml
metadata:
  creationTimestamp: 2018-07-05T17:18:58Z
  finalizers:
  - kubernetes-incubator/service-catalog
  generation: 1
  name: demo-mysql-binding
  namespace: demo
  resourceVersion: "515"
  selfLink: /apis/servicecatalog.k8s.io/v1beta1/namespaces/demo/servicebindings/demo-mysql-binding
  uid: 809dc5cb-8077-11e8-8566-0a580a0c0034
spec:
  externalID: 809dc2f9-8077-11e8-8566-0a580a0c0034
  instanceRef:
    name: demo-mysql5
  parameters: {}
  secretName: demo-mysql-secret
status:
  asyncOpInProgress: false
  conditions:
  - lastTransitionTime: 2018-07-05T17:18:58Z
    message: |-
      Bind call failed: operation "projects/301608308155/operations/809dc2f9-8077-11e8-8566-0a580a0c0034/1530811139478203729" failed: generic::internal: operation projects/301608308155/operations/809dc2f9-8077-11e8-8566-0a580a0c0034/1530811139478203729 create binding deployment failed: generic::invalid_argument: Operation "operation-1530811140209-57043be3af968-25522df3-667427a0" failed with
      : [{"code":"MANIFEST_EXPANSION_USER_ERROR","location":"/deployments/bff63add9-9baa-4f63-8fea-f98d6ff73b28/manifests/manifest-1530811140394","message":"Manifest expansion encountered the following errors: Invalid properties for 'gcp-services/composite:cloud-sql-mysql-binding-f3622e2':\n'parameters' is a required property\n Resource: bff63add9-9baa-4f63-8fea-f98d6ff73b28 Resource: config"}]
    reason: BindCallFailed
    status: "False"
    type: Ready
  - lastTransitionTime: 2018-07-05T17:19:09Z
    message: |-
      Bind call failed: operation "projects/301608308155/operations/809dc2f9-8077-11e8-8566-0a580a0c0034/1530811139478203729" failed: generic::internal: operation projects/301608308155/operations/809dc2f9-8077-11e8-8566-0a580a0c0034/1530811139478203729 create binding deployment failed: generic::invalid_argument: Operation "operation-1530811140209-57043be3af968-25522df3-667427a0" failed with
      : [{"code":"MANIFEST_EXPANSION_USER_ERROR","location":"/deployments/bff63add9-9baa-4f63-8fea-f98d6ff73b28/manifests/manifest-1530811140394","message":"Manifest expansion encountered the following errors: Invalid properties for 'gcp-services/composite:cloud-sql-mysql-binding-f3622e2':\n'parameters' is a required property\n Resource: bff63add9-9baa-4f63-8fea-f98d6ff73b28 Resource: config"}]
    reason: BindCallFailed
    status: "True"
    type: Failed
  orphanMitigationInProgress: false
  reconciledGeneration: 1
  unbindStatus: Required

(based on https://github.com/GoogleCloudPlatform/kubernetes-engine-samples/blob/master/service-catalog/cloud-sql-mysql/manifests/cloudsql-binding.yaml ) the binding can be done by doing something like:

svcat bind demo-mysql5 --namespace=demo --name demo-mysql-binding --secret-name demo-mysql-secret --params-json '{
      "serviceAccount": "<account from gcloud iam service-accounts list>",
      "roles": [
              "roles/cloudsql.client"
      ]
}'
khipkin commented 6 years ago

Hello @PavelPavlov46. When you called svcat bind, you did not include any parameters, which are required for the CloudSql for MySQL service class.

The binding to your CloudSQL for MySQL instance is what grants the specified level of access to your resource to the specified service account. For example, the cloud-sql-mysql sample app binds to the instance here. The parameters from the binding's yaml file are:

parameters:
    roles:
      - roles/cloudsql.client
    serviceAccount: cloudsql-user-service-account

In this example, the act of binding grants the roles/cloudsql.client role to the cloudsql-user-service-account service account in your configured project.

khipkin commented 6 years ago

Let me know if you have any more questions! We are happy to help.

ghost commented 6 years ago

Thanks @khipkin ! Yes, I agree with you and understand. It is just that to get there took some time and googling arround, because the section "Bind to an instance" of the guide at use-service-catalog didn't help much to understand which are the mandatory parameters I need to pass. You can take this issue as docu update request or some additional feature in the "svcat bind" comamnd where I can go as "stupid user" and ask "hey what are the mandatory params I need to give you to bind a Service of type abc" . If i miss something and this does not seem to make sense for other less experienced users we can Close my issue. Thanks again and wishing you succesfull week! Regards, Pavel

khipkin commented 6 years ago

Thanks for your feedback, @PavelPavlov46! We will take that into consideration. 😄Since your problem has been resolved, I will close this issue. Please let us know if we can do anything else to help!